StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
75,798 Commits 1 Branch 0 Tags
dc40e465b47ddca6ac09946ffb2ff8ebdf3c9db7
Commit Graph

29493 Commits

Author SHA1 Message Date
Yi-yo Chiang
d31e97cc6d Merge "Fix init_boot partition AVB signing" am: 27a309f627 am: 85128a7fa0 
Original change: https://android-review.googlesource.com/c/platform/build/+/1941494

Change-Id: I4330eb68f30d31fa74c4e0f9bf980d1768776928
 2022-01-11 07:37:07 +00:00
Yi-Yo Chiang
44fb3619d1 Android T GKI certification scheme 
New scheme is to certify kernel & ramdisk image separately, and
effectively decouple kernel & user space ramdisk image.

Under the new scheme, the --os_version and --os_patch_level boot header
field must be empty in order to maintain consistency.
Instead, these values must be in the vbmeta hash descriptor and
GKI certificate.

The new scheme also validates the image metadata, including the security
patch level.

The 'generic_kernel' certificate is associated with the 'boot' partition
and 'generic_ramdisk' certificate with 'init_boot' partition.

The 'generic_ramdisk' certificate may be packed into the 'boot' image if
product configuration doesn't have 'init_boot' image, this is only for
testing purposes and would be removed eventually.

Bug: 210367929
Bug: 211741246
Bug: 203698939
Test: unpack_bootimg --boot_img boot.img
Test: unpack_bootimg --boot_img init_boot.img
Test: avbtool info_image --image out/boot_signature
Change-Id: Iaf48a6e3d4b97fa6bfb5e1635a288b045baa248f
 2022-01-11 15:14:38 +08:00
Yi-yo Chiang
27a309f627 Merge "Fix init_boot partition AVB signing" 2022-01-11 06:59:47 +00:00
Treehugger Robot
3ff2003a5f Merge "Embed host liblz4.so in target_files" am: 21e7285926 am: e3b9f4919e am: 8b1e80dae2 
Original change: https://android-review.googlesource.com/c/platform/build/+/1940645

Change-Id: Iefef2963de8898f11d94611669e96a727c399262
 2022-01-10 23:30:54 +00:00
Pirama Arumuga Nainar
909b666ec4 Merge "Set a BIONIC_COVERAGE .mk variable" am: bd7e1a38ba am: 8fdd8e7553 am: ad47bd9907 
Original change: https://android-review.googlesource.com/c/platform/build/+/1918952

Change-Id: I9060c64719df35eaff3e4aa0ebe4d2e5280da3e2
 2022-01-10 23:30:27 +00:00
Treehugger Robot
8b1e80dae2 Merge "Embed host liblz4.so in target_files" am: 21e7285926 am: e3b9f4919e 
Original change: https://android-review.googlesource.com/c/platform/build/+/1940645

Change-Id: Iaf86bc2d3d7b8fe1225ddecec681d036f61af73f
 2022-01-10 23:07:49 +00:00
Pirama Arumuga Nainar
ad47bd9907 Merge "Set a BIONIC_COVERAGE .mk variable" am: bd7e1a38ba am: 8fdd8e7553 
Original change: https://android-review.googlesource.com/c/platform/build/+/1918952

Change-Id: I4735b3327aa5b66b19b1065506e0a83350f62f11
 2022-01-10 23:07:31 +00:00
Treehugger Robot
21e7285926 Merge "Embed host liblz4.so in target_files" 2022-01-10 22:50:51 +00:00
Pirama Arumuga Nainar
bd7e1a38ba Merge "Set a BIONIC_COVERAGE .mk variable" 2022-01-10 22:36:57 +00:00
Victor Hsieh
271ca249c3 Merge "Add min_sdk_version to BuildManifest.apk" am: 70ca7c6add am: 30afe79e30 am: 829fe6d623 
Original change: https://android-review.googlesource.com/c/platform/build/+/1941946

Change-Id: I451e6a91e49efdc64687753e195bffda1180d997
 2022-01-10 20:57:07 +00:00
Victor Hsieh
829fe6d623 Merge "Add min_sdk_version to BuildManifest.apk" am: 70ca7c6add am: 30afe79e30 
Original change: https://android-review.googlesource.com/c/platform/build/+/1941946

Change-Id: I2e90e96f229e3570d2d0b41da5f71951eef3550f
 2022-01-10 20:39:13 +00:00
Kelvin Zhang
6877e81467 Embed host liblz4.so in target_files 
This file will be used by OTA generator to compress generated patches.
We need the host copy of LZ4 to ensure that compressed bytes matches
what the device would get if the compression were to be done on device.
For more details see go/lz4diff

Bug: 206729162
Test: m dist

Change-Id: I9c4ab772b001bf47da75cb87b028a1f27e2321a8
 2022-01-10 12:12:21 -08:00
Jiyong Park
efbb6ffa00 Add min_sdk_version to BuildManifest.apk 
sign_target_files_apks demands it.

Bug: 213823227
Test: run com.google.android.tradefed.ota.SigningToolTest#Testcase1_Signingtest
Change-Id: I1bba2b25a71449a57d284024e77fb76d1b79a0ee
 2022-01-10 20:14:05 +09:00
Treehugger Robot
9bc0d8a3fe Merge "Add sepolicy compat versions to soong config" am: 664dd48176 am: 96d7aa5d1c am: 6d3d669a7c 
Original change: https://android-review.googlesource.com/c/platform/build/+/1940869

Change-Id: I4344d069dc0549797766839cc9a9b70c9318e7fe
 2022-01-10 03:03:24 +00:00
Treehugger Robot
6d3d669a7c Merge "Add sepolicy compat versions to soong config" am: 664dd48176 am: 96d7aa5d1c 
Original change: https://android-review.googlesource.com/c/platform/build/+/1940869

Change-Id: I649c2c69974fd2866c19833afc4f2d532165d106
 2022-01-10 02:45:02 +00:00
Treehugger Robot
664dd48176 Merge "Add sepolicy compat versions to soong config" 2022-01-10 02:09:22 +00:00
Yi-Yo Chiang
33f973fd2a Fix init_boot partition AVB signing 
Typo: 'BOARD_AVB_INIT_BOOT_IMAGE_KEY_PATH' ->
  'BOARD_AVB_INIT_BOOT_KEY_PATH'

Record avb_init_boot_* arguments to misc_info.txt

Add INIT_BOOT_SECURITY_PATCH to support per-partition SPL.

Bug: 203698939
Test: avbtool info_image --image init_boot.img
Change-Id: I63e082b1dd675138a6ab5cceb8814b3673d26b13
 2022-01-09 16:28:25 +08:00
Bassem Khalife
389f21950c Update security string to 2022-03-01 
Bug: 211820647

Change-Id: I9afb39715b0e470866a344246566e6414071ae6a
Merged-In: Ic0fb477acd4bd79c0ee464bf53b5d688f74e4863
 2022-01-09 01:08:35 +00:00
Treehugger Robot
4d1a91b455 Merge "Change ifneq(,$(A) $(B)) to ifneq(,$(strip $(A) $(B)))" am: 6a95477b0f am: 4f8d04b603 am: d75823a4bf 
Original change: https://android-review.googlesource.com/c/platform/build/+/1941497

Change-Id: I32ef66c673653e2ed32bd824c6d59a181327a222
 2022-01-08 19:06:33 +00:00
Treehugger Robot
d75823a4bf Merge "Change ifneq(,$(A) $(B)) to ifneq(,$(strip $(A) $(B)))" am: 6a95477b0f am: 4f8d04b603 
Original change: https://android-review.googlesource.com/c/platform/build/+/1941497

Change-Id: I4a164373f540863d6f7062347e9eb90261659202
 2022-01-08 18:54:23 +00:00
Yi-Yo Chiang
8193900f87 Change ifneq(,$(A) $(B)) to ifneq(,$(strip $(A) $(B))) 
Else the branch condition would always evaluate to true, making the
other branch useless and wrong!

Bug: 211741246
Test: m dist
Change-Id: I4791712632cbe0d5a9e20962c8425dd20bbe0bfd
 2022-01-08 15:59:02 +00:00
Treehugger Robot
a96408cb32 Merge "Add missing dependencies of fs-verity manifest APK" am: d541c6c898 am: c10c51039e am: 51d95fc646 
Original change: https://android-review.googlesource.com/c/platform/build/+/1941183

Change-Id: I140d0188356062ba214289fc60d2cef5310b3551
 2022-01-07 23:20:55 +00:00
Treehugger Robot
51d95fc646 Merge "Add missing dependencies of fs-verity manifest APK" am: d541c6c898 am: c10c51039e 
Original change: https://android-review.googlesource.com/c/platform/build/+/1941183

Change-Id: Iefb5d275489b9c5adce2e5a621557d06326322d1
 2022-01-07 23:07:01 +00:00
Treehugger Robot
d541c6c898 Merge "Add missing dependencies of fs-verity manifest APK" 2022-01-07 22:28:25 +00:00
Victor Hsieh
fb3ef8a59f Generate .fsv_meta for more files 
For system/framework, it now also includes *.jar.prof (needed by
odrefresh), *.vdex and <arch>/*.{odex,art} (for future-proof).

system/etc/classpaths/*.pb are also added so that we can run
derive_classpath to collect from.

system/etc/updatable-bcp-packages.txt is removed because it's no longer
used by ART.

Bug: 206869687
Test: see new files in `unzip -p $OUT/system/etc/security/fsverity/ \
      BuildManifest.apk assets/build_manifest.pb`
Change-Id: Id759f5caec8ba683af8629956b9268a4fbd74186
 2022-01-07 14:12:11 -08:00
Cole Faust
64c2ddb619 Add TARGET_RECOVERY_FSTAB_GENRULE 
This variable can be set instead of TARGET_RECOVERY_FSTAB
in order to specify a generated fstab file.

Bug: 201700692
Test: Presubmits
Change-Id: If0fae81ec53915e9ed4bab2e8b1a9f8376894537
 2022-01-07 13:50:54 -08:00
Victor Hsieh
be1029af71 Add missing dependencies of fs-verity manifest APK 
Otheriwse, the build complains about missing files when
PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA is enabled (aosp/1937717).

Bug: 206326351
Test: clobber, set PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true, build
Change-Id: I11d18914d63cab0b84ae711f2334747cb26ca234
 2022-01-07 11:07:52 -08:00
Bill Yi
1ebd070c8d Merge "Merge sc-qpr1 to aosp-master - DO NOT MERGE" 2022-01-07 17:29:11 +00:00
Inseob Kim
934aaaffa6 Add sepolicy compat versions to soong config 
Bug: 33691272
Test: build
Change-Id: Idef2efb8bb9ea6ea2b4bd072b4e75296b12294d1
 2022-01-07 19:16:34 +09:00
Yi-yo Chiang
246e4a3e06 Merge "Verbose warning message for PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT" am: ec918431a5 am: 21013eaa18 am: bb52d2bc9d 
Original change: https://android-review.googlesource.com/c/platform/build/+/1860893

Change-Id: I1525b4622f1bb5450abca544c0f0e1b9ddc24538
 2022-01-07 06:13:12 +00:00
Yi-yo Chiang
94e499b4e2 Merge "Unconditionally copy the system build.prop into target_files archive" am: 5709c4a93f am: 5efc0feefa am: c0db3151ce 
Original change: https://android-review.googlesource.com/c/platform/build/+/1935974

Change-Id: Ic00a587220728e5ad253c1407381074f2fa37ba0
 2022-01-07 06:13:02 +00:00
Yi-yo Chiang
bb52d2bc9d Merge "Verbose warning message for PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT" am: ec918431a5 am: 21013eaa18 
Original change: https://android-review.googlesource.com/c/platform/build/+/1860893

Change-Id: I2de2ea18016b144882859a4f0b222e29a62dbfd7
 2022-01-07 05:56:37 +00:00
Yi-yo Chiang
c0db3151ce Merge "Unconditionally copy the system build.prop into target_files archive" am: 5709c4a93f am: 5efc0feefa 
Original change: https://android-review.googlesource.com/c/platform/build/+/1935974

Change-Id: Id4e5f7272b0debf649c4cef83c9eb835b060fb90
 2022-01-07 05:56:21 +00:00
Yi-yo Chiang
21013eaa18 Merge "Verbose warning message for PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT" am: ec918431a5 
Original change: https://android-review.googlesource.com/c/platform/build/+/1860893

Change-Id: Iaa9365f9f6ff51a7accb95da3093886969925b9d
 2022-01-07 05:42:41 +00:00
Yi-yo Chiang
5efc0feefa Merge "Unconditionally copy the system build.prop into target_files archive" am: 5709c4a93f 
Original change: https://android-review.googlesource.com/c/platform/build/+/1935974

Change-Id: I1801eff75b29ed42fbde2129e2366ec8ae0b5969
 2022-01-07 05:42:24 +00:00
Yi-yo Chiang
ec918431a5 Merge "Verbose warning message for PRODUCT_INSTALL_DEBUG_POLICY_TO_SYSTEM_EXT" 2022-01-07 05:30:23 +00:00
Yi-yo Chiang
5709c4a93f Merge "Unconditionally copy the system build.prop into target_files archive" 2022-01-07 05:27:35 +00:00
Treehugger Robot
9c4a78ceae Merge "Move fsverity metadata generation to Makefile" am: 7c88c9c1e6 am: 2d6411ed06 am: eea503cf81 
Original change: https://android-review.googlesource.com/c/platform/build/+/1937129

Change-Id: I63acc3d03045313d621b3b5790f617651fe9ee60
 2022-01-07 04:22:58 +00:00
Treehugger Robot
eea503cf81 Merge "Move fsverity metadata generation to Makefile" am: 7c88c9c1e6 am: 2d6411ed06 
Original change: https://android-review.googlesource.com/c/platform/build/+/1937129

Change-Id: I2f671ca03738e5fffb9f187f03c191abe3aa0d9b
 2022-01-07 04:03:05 +00:00
Treehugger Robot
2d6411ed06 Merge "Move fsverity metadata generation to Makefile" am: 7c88c9c1e6 
Original change: https://android-review.googlesource.com/c/platform/build/+/1937129

Change-Id: I67b18122ed2fae0ad5a4f0684e257fd6f21063fc
 2022-01-07 03:48:55 +00:00
Treehugger Robot
7c88c9c1e6 Merge "Move fsverity metadata generation to Makefile" 2022-01-07 03:37:16 +00:00
Bill Yi
5a77fbf008 Merge sc-qpr1 to aosp-master - DO NOT MERGE 
Merged-In: I017a5d9c3cd227e0b1a4deaa8dface646bc0a887
Merged-In: I71f542d511cf6397d84d40b1fb688c307cdd386e
Change-Id: Id5d2b7b2b18ae1a1919a53121c06fb309e5b2eee
 2022-01-06 18:38:30 -08:00
Bill Yi
4867e1ad0e Merge "Merge SQ1A.220105.002 to stage-aosp-master - DO NOT MERGE" into stage-aosp-master 2022-01-07 01:41:28 +00:00
Treehugger Robot
404cd2b1c9 Merge "Export test data dependencies in module-info" am: 802c86f831 am: 2a04f251b9 am: ca2783c384 
Original change: https://android-review.googlesource.com/c/platform/build/+/1928387

Change-Id: Ic018f7692b31cf6d49a5a43a2d4e9192f0983111
 2022-01-07 01:28:55 +00:00
Treehugger Robot
ca2783c384 Merge "Export test data dependencies in module-info" am: 802c86f831 am: 2a04f251b9 
Original change: https://android-review.googlesource.com/c/platform/build/+/1928387

Change-Id: I1b42b3e7acdaa94a6b6b1920159c481e6f814995
 2022-01-07 01:15:32 +00:00
Bassem Khalife
16caffd2e7 Update Security String to 2022-03-05 
Bug: 211820647
Change-Id: Ic0fb477acd4bd79c0ee464bf53b5d688f74e4863
 2022-01-07 00:50:18 +00:00
Treehugger Robot
802c86f831 Merge "Export test data dependencies in module-info" 2022-01-07 00:36:54 +00:00
Inseob Kim
135c1f144f Move fsverity metadata generation to Makefile 
build_image.py has been handling fsverity metadata generation in the
packing step, but it can cause issues because the metadata files are
missing in the $OUT directory, and they only exist in result system.img.
This change moves the generation logic into Makefile, and makes the
metadata tracked by ninja graph.

Bug: 206326351
Test: PRODUCT_SYSTEM_FSVERITY_GENERATE_METADATA := true and build
Change-Id: I1f910d8ac6e2cc3c54f35916871733c632f18e44
 2022-01-07 09:16:42 +09:00
Spandan Das
d726f5375c Merge "Move manifest generation logic into static_java_library.mk" am: 13daf3d4a2 am: 362bf03c3b am: 0d3e1277c6 
Original change: https://android-review.googlesource.com/c/platform/build/+/1835800

Change-Id: Ic2119ae12d3b0b512533a5bc234e2eab6915cbcd
 2022-01-06 23:13:09 +00:00
Spandan Das
0d3e1277c6 Merge "Move manifest generation logic into static_java_library.mk" am: 13daf3d4a2 am: 362bf03c3b 
Original change: https://android-review.googlesource.com/c/platform/build/+/1835800

Change-Id: Ie3d1f00336f86542103bda4b33d9b9d03e9e3927
 2022-01-06 23:00:13 +00:00